The Latest in IT Security

Email Threats Highlights: EFTPS, BBB and Federal Reserve Spam


Researchers in the AV Labs have captured and recorded a number of notable email threats last week-generally spam related to malware-that we have discussed in brief below:

  • Fake BBB Complaints Spam Can Unsettle Businesses. This spam lets recipients know that the Better Business Bureau, or BBB, has purportedly received a “complaint of uneasiness” from one of recipient’s clients. Details are deliberately not disclosed in the email body but points to a link recipients can refer to for details. The link does not lead to any details that may shed light on the matter at hand, however; instead, recipients are redirected to a URL where a Blackhole Exploit Kit awaits.

    click to enlarge

    A previous sample of this spam is found to contain a link where an information stealer can be downloaded onto systems.

  • Fake EFTPS Spam is Equal Parts Unsettling for Businesses and Workers. If there is probably one thing payroll processors do not want to hear, it’s payroll issues. Receiving a notice from the Electronic Federal Tax Payment System, or EFTPS, that a supposed payroll batch has been declined may cause more than just dissatisfied employees: details and contact links in the email body of this spam lead to a Cridex system infection.

    click to enlarge

  • Spammers Lead FedMail ACH Spam Recipients to Cridex.

    click to enlarge

    A hint of urgency in this fake Federal Reserve System email, considering it pretends to originate from the central banking system of the United States, may allow someone to click the link without thinking because, well, it’s “only” an announcement. But when it comes to fooling people via email, one has to understand that the more inconspicuous it might appear or sound on the outside, the more one has to be careful in dealing with it. This spam is no different and must be handled with caution.

Users are advised to mark the above email threats as spam if they’re found in their inbox and then/or simply delete them.

The GFI Labs Team

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments